Elements of Safety Risk Management (SRM)
Safety Risk Management receives by far the most attention of any aspect of safety management systems. It is, as you might say, “where the action is,” in terms of managing risk. Despite the fact that other aspects of risk management provide equally valuable assistance in building a safety program, SRM deals most directly with risk exposure.
SRM is complex, as it:
- Requires as much “documenting what you are doing,” as “doing it”;
- Will be the area of your SMS program where you develop risk management tools; and
- Has many working parts needed to adequately practice SRM.
Here are the 4 important elements of Safety Risk Management (SRM).
1 - Safety Risk Management is a Process
The most important thing to always keep in mind about SRM is that it is a process. This process is circular, and loops back upon itself. Different industries will use SRM slightly differently, such as by stressing the importance of different SRM elements, but the basic principles are the same everywhere:
- Hazard identification, including identification of risks, mechanisms of hazards, and other safety weaknesses;
- Understand the safety behavior (human factors) and bureaucracy that influence safety; and
- Development of control measures designed to mitigate exposure.
Other resources online will usually identify anywhere from 3-5 stages in the risk management process, but the basic points are understanding hazards and risks, and then taking measures to control them.
2 - SRM is One of the 4 Pillars of SMS
The four pillars of SMS are the cornerstone of safety. They were created by the International Civil Aviation Organization (ICAO) and every civil aviation authority uses the four pillars as the centerpiece of their SMS requirements.
As said, while the four pillars are supposed be equal, in actuality SRM receives the most treatment by aviation service providers and civil aviation authorities. Why is it important that SRM is one of the four pillars? Because it acknowledges the fact that SRM is a worldwide acknowledged cornerstone of safety management systems:
- Determines need for risk controls;
- Evaluates adequacy of existing controls; and
- Assesses whether or not areas of exposure within acceptable limits.
These are the basic components of the SRM process as defined by most civil aviation authorities.
3 - Assess and Control Hazards, Risk, and Consequences
Much of safety risk management quality revolves around the ability to adequately assess various safety elements such as:
- Risk control adequacy;
- Likelihood of hazard or mishap occurring;
- Severity of mishap; and
- What kinds of measures are needed to reduce exposure.
The ability to control these elements will depend on the ability to assess them. Poor assessments lead to poor controls. Assessments include:
- Risk analysis; and
- A risk matrix.
Based on the findings of the analysis and assessment, safety managers should be able to identify what hazards and risks need in order to maintain acceptable exposure. Controls are:
- Safety policy and procedures;
- Aviation safety training;
- And so on.
During aviation SMS implementation, this aspect of SRM will occupy much of a safety manager’s time.
4 - Define Acceptable Level of Safety (ALoS)
Acceptable Level of Safety (ALoS) establishes an aviation service provider’s minimum level of acceptable risk for a hazard or risk. Acceptable describes the need for no further mitigatory actions on the part of the service provider for the safety concern in question. This valuation will be made based on the probability and severity of the safety concern in question.
Absolute safety is impossible. At the same time, service providers need to be able to establish thresholds for how much risk is acceptable. ALoS is the answer to this problem. What this means is that ALoS marks the point at which, for a given hazard/potential mishap:
- The current level of safety performance satisfactory;
- It would be impractical or far too expensive to take the measures needed to lessen exposure; and
- Controls are strong enough that the residual risk is willingly taken on by the service provider.
It’s up to each provider to establish how much exposure is and what isn’t acceptable. In this way, service providers define their ALoS, and then show to civil aviation authorities (e.g., with safety data), that they operating within an acceptable range of risk.
Final Thought: SRM Relation to Other Pillars
While SRM is stressed more than other pillars, it none the less depends on them.
- Safety Assurance monitors SRM processes to ensure that SRM is working;
- Safety Promotion develops the kind of aviation safety culture that allows SRM to flourish; and
- Safety Policy documents many SRM resources and activities.
For more information about SRM, you will find the FAA’s SRM overview very helpful for a full analysis of this process.